Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

Поиск уязвимостСй ΠΏΠΎ источнику Π‘Π”Π£ ЀБВЭК

Π‘Π”Π£ ЀБВЭК

Поиск уязвимостСй ΠΏΠΎ источнику Microsoft MSRC

Microsoft MSRC

Поиск уязвимостСй ΠΏΠΎ источнику NVD

NVD

Поиск уязвимостСй ΠΏΠΎ источнику Oracle ELSA

Oracle ELSA

Поиск уязвимостСй ΠΏΠΎ источнику Red Hat CVE

Red Hat CVE

Поиск уязвимостСй ΠΏΠΎ источнику Π Π•Π” ОБ

Π Π•Π” ОБ

Поиск уязвимостСй ΠΏΠΎ источнику Rocky RLSA

Rocky RLSA

Поиск уязвимостСй ΠΏΠΎ источнику SUSE CVRF

SUSE CVRF

Поиск уязвимостСй ΠΏΠΎ источнику Ubuntu

Ubuntu

Поиск уязвимостСй ΠΏΠΎ источнику Debian

Debian

Поиск уязвимостСй ΠΏΠΎ источнику Github

Github

ΠšΠΎΠ»ΠΈΡ‡Π΅ΡΡ‚Π²ΠΎ 19

ΠšΠΎΠ»ΠΈΡ‡Π΅ΡΡ‚Π²ΠΎ 19

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2022-23042

большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the suc...

CVSS3: 7
EPSS: Низкий
nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2022-23042

большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the succes

CVSS3: 7
EPSS: Низкий
debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2022-23042

большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Linux PV device frontends vulnerable to attacks by backends T[his CNA ...

CVSS3: 7
EPSS: Низкий
github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-vg9g-89fh-g3hw

большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the suc...

CVSS3: 7
EPSS: Низкий
fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2022-05400

большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ ΡƒΡ‚ΠΈΠ»ΠΈΡ‚Ρ‹ Π³ΠΈΠΏΠ΅Ρ€Π²ΠΈΠ·ΠΎΡ€Π° Xen, вызванная ошибками синхронизации ΠΏΡ€ΠΈ использовании ΠΎΠ±Ρ‰Π΅Π³ΠΎ рСсурса, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ Π²Ρ‹Π·Π²Π°Ρ‚ΡŒ ΠΎΡ‚ΠΊΠ°Π· Π² обслуТивании

CVSS3: 7
EPSS: Низкий
oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

ELSA-2022-9480

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

ELSA-2022-9480: Unbreakable Enterprise kernel-container security update (IMPORTANT)

EPSS: Низкий
oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

ELSA-2022-9479

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

ELSA-2022-9479: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1283-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1270-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1256-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1402-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1267-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1266-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1255-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1197-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

openSUSE-SU-2022:1039-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1196-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1039-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2022:1163-1

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for the Linux Kernel

EPSS: Низкий

УязвимостСй Π½Π° страницу

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ
CVSS
EPSS
ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ
ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
CVE-2022-23042

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the suc...

CVSS3: 7
0%
Низкий
большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
CVE-2022-23042

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the succes

CVSS3: 7
0%
Низкий
большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
CVE-2022-23042

Linux PV device frontends vulnerable to attacks by backends T[his CNA ...

CVSS3: 7
0%
Низкий
большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
GHSA-vg9g-89fh-g3hw

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the suc...

CVSS3: 7
0%
Низкий
большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
BDU:2022-05400

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ ΡƒΡ‚ΠΈΠ»ΠΈΡ‚Ρ‹ Π³ΠΈΠΏΠ΅Ρ€Π²ΠΈΠ·ΠΎΡ€Π° Xen, вызванная ошибками синхронизации ΠΏΡ€ΠΈ использовании ΠΎΠ±Ρ‰Π΅Π³ΠΎ рСсурса, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ Π²Ρ‹Π·Π²Π°Ρ‚ΡŒ ΠΎΡ‚ΠΊΠ°Π· Π² обслуТивании

CVSS3: 7
0%
Низкий
большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
ELSA-2022-9480

ELSA-2022-9480: Unbreakable Enterprise kernel-container security update (IMPORTANT)

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
ELSA-2022-9479

ELSA-2022-9479: Unbreakable Enterprise kernel security update (IMPORTANT)

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1283-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1270-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1256-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1402-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1267-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1266-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1255-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1197-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
openSUSE-SU-2022:1039-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1196-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1039-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄
suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ
SUSE-SU-2022:1163-1

Security update for the Linux Kernel

ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

УязвимостСй Π½Π° страницу

exploitDog - КомплСксноС Ρ€Π΅ΡˆΠ΅Π½ΠΈΠ΅ для обнаруТСния, ΠΎΡ†Π΅Π½ΠΊΠΈ ΠΈ устранСния уязвимостСй.